Many types of information available in a pervasive computing
environment, such as people location information, should be accessible
only by a limited set of people.  Some properties of the information
raise unique challenges for the design of an access control mechanism:
Information can emanate from more than one source, it might change its
nature or granularity before reaching its final receiver, and it can
flow through nodes administrated by different entities. We propose
three design principles for the architecture of an access control
mechanism: (1) extract pieces of information in raw data streams early,
(2) define policies controlling access at the information level, and
(3) exploit information relationships for access control. We describe
an example architecture in which we apply these principles. We also
report how our earlier work about adding access control to a people
location service contributed to the more general access control
architecture proposed here.